CWE-352: Cross-Site Request Forgery (CSRF)
Exploit likelihood: Medium
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,374 vulnerabilities with CWE-352
CVE-2021-24218
HIGH
Facebook for WordPress 3.0.0-3.0.3 - Cross-Site Request Forgery via AJAX Settings Actions
CVSS 8.8
CVE-2021-25327
MEDIUM
Skyworth Digital Technology RN510 V.3.1.0.4 - CSRF
CVSS 6.5
CVE-2021-25326
MEDIUM
Skyworth Digital Technology RN510 V.3.1.0.4 - Info Disclosure
CVSS 5.4
CVE-2021-22512
MEDIUM
Micro Focus Application Automation Tools Plugin - Jenkins <6.7 - CSRF
CVSS 6.5
CVE-2021-30114
MEDIUM
Web-School ERP V 5.0 - Cross-Site Request Forgery via Voucher Payment Request
CVSS 6.5
CVE-2021-30112
MEDIUM
Web-School ERP 5.0 - Cross-Site Request Forgery via Student Leave Application
CVSS 6.5
CVE-2021-21641
MEDIUM
Jenkins promoted builds < 3.9 - Cross-Site Request Forgery
CVSS 4.3
CVE-2021-20687
HIGH
Kagemai 0.8.8 - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-30147
HIGH
DMA Softlab Radius Manager 4.4.0 - CSRF
CVSS 8.8
CVE-2021-24174
HIGH
Database Backups WordPress Plugin <= 1.2.2.6 - Cross-Site Request Forgery
CVSS 8.1
CVE-2021-24173
MEDIUM
VM Backups < 1.0 - Cross-Site Request Forgery leading to Stored Cross-Site Scripting
CVSS 6.1
CVE-2021-24172
MEDIUM
VM Backups WordPress Plugin < 1.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2021-24166
MEDIUM
Ninja Forms < 3.4.34 - Cross-Site Request Forgery via OAuth Disconnect Endpoint
CVSS 5.4
CVE-2021-24162
HIGH
Responsive Menu < 4.0.4 - Cross-Site Request Forgery via Settings Import
CVSS 8.8
CVE-2021-24161
HIGH
Responsive Menu < 4.0.4 - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-24159
HIGH
Contact Form 7 Style < 3.1.9 - Cross-Site Request Forgery via Custom CSS Feature
CVSS 8.8
CVE-2021-29660
HIGH
Softing OPC Toolbox < 4.10.1.13035 - Cross-Site Request Forgery via Password Reset Endpoint
CVSS 8.8
CVE-2021-22202
LOW
GitLab < 13.10.0 - Cross-Site Request Forgery via System Hooks API
CVSS 2.4
CVE-2021-25924
HIGH
GoCD 19.6.0-21.1.0 - Cross-Site Request Forgery via Backup Configuration Endpoint
CVSS 8.8
CVE-2021-26071
LOW
Jira Server/Data Center <8.5.13, 8.6.0-8.13.5 - CSRF via SetFeatureEnabled.jspa
CVSS 3.5
CVE-2021-29349
MEDIUM
Mahara 20.10 - Cross-Site Request Forgery via Inbox Mail Deletion
CVSS 6.5
CVE-2021-21638
HIGH
Jenkins Team Foundation Server Plugin < 5.157.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-21633
HIGH
Jenkins OWASP Dependency-Track < 3.1.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-21629
HIGH
Jenkins Build With Parameters Plugin < 1.5 - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-26216
MEDIUM
SeedDMS 5.1.0-5.1.20 - Cross-Site Request Forgery in out.EditFolder.php
CVSS 4.3